Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/f8mR7x_Eql1GrHixcgTslai_6HA.roa
File: f8mR7x_Eql1GrHixcgTslai_6HA.roa (raw, json)
Hash identifier: ACqqzErASt6LCAfJ+mbnHb3aZJoUNwhVuTrLuExIv+o=
Subject key identifier: 7F:C9:91:EF:1F:C4:AA:5D:46:AC:78:B1:72:04:EC:95:A8:BF:E8:70
Certificate issuer: /CN=46d713ada8dabcf77681c0ca42d9969e447c8ea7
Certificate serial: 018CC8013C05E2E63DD7496780907751BD45
Authority key identifier: 46:D7:13:AD:A8:DA:BC:F7:76:81:C0:CA:42:D9:96:9E:44:7C:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RtcTrajavPd2gcDKQtmWnkR8jqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/f8mR7x_Eql1GrHixcgTslai_6HA.roa
Signing time: Tue 02 Jan 2024 02:29:33 +0000
ROA not before: Tue 02 Jan 2024 02:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39673
IP address blocks: 91.209.40.0/24 maxlen: 24
91.209.48.0/24 maxlen: 24
91.209.50.0/24 maxlen: 24
2a0f:5fc0:dead::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/RtcTrajavPd2gcDKQtmWnkR8jqc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/RtcTrajavPd2gcDKQtmWnkR8jqc.mft
rsync://rpki.ripe.net/repository/DEFAULT/RtcTrajavPd2gcDKQtmWnkR8jqc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Jun 2024 10:01:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:3c:05:e2:e6:3d:d7:49:67:80:90:77:51:bd:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46d713ada8dabcf77681c0ca42d9969e447c8ea7
Validity
Not Before: Jan 2 02:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7fc991ef1fc4aa5d46ac78b17204ec95a8bfe870
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c1:66:df:ea:47:e8:9a:3b:bb:7a:9b:c4:93:
76:ce:8a:19:3d:8e:45:1c:00:93:04:10:a9:7d:a8:
51:f4:c7:42:b0:09:d3:3b:89:b1:b1:5b:66:9a:54:
e2:88:a9:71:1d:4b:c6:06:c2:a9:46:15:76:6e:58:
cc:0a:59:14:8a:60:29:28:ec:4f:eb:22:1f:8d:5c:
d0:bc:c7:a8:c6:7a:3f:55:b9:8f:87:d6:79:32:e4:
f5:f2:85:be:38:08:08:d6:0f:1a:a1:7b:ba:a4:d5:
b9:2e:50:f5:d2:b6:64:38:cb:ee:76:6b:f6:01:00:
57:8c:82:d5:32:33:a1:67:44:00:7b:7c:b8:7e:c6:
fe:0b:b5:76:bb:33:91:33:f9:0f:e1:38:86:d5:80:
7e:eb:b5:a2:9b:9b:7f:1c:3c:be:fb:3e:65:b7:9f:
d5:dd:77:63:1a:97:b4:03:c2:8b:22:a1:e5:b5:99:
cf:ec:bc:fa:c3:fe:69:d5:09:74:00:b9:7d:3e:8a:
4c:65:40:e3:93:e6:d2:19:c6:85:58:92:04:59:73:
02:65:44:03:15:65:d5:4a:4e:86:08:2c:83:cd:20:
f3:d0:92:ba:36:58:bd:ef:69:e9:e0:e1:18:a3:1e:
78:3d:18:0c:99:dc:a2:1f:45:8b:ca:27:d7:09:c8:
bb:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:C9:91:EF:1F:C4:AA:5D:46:AC:78:B1:72:04:EC:95:A8:BF:E8:70
X509v3 Authority Key Identifier:
keyid:46:D7:13:AD:A8:DA:BC:F7:76:81:C0:CA:42:D9:96:9E:44:7C:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RtcTrajavPd2gcDKQtmWnkR8jqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/f8mR7x_Eql1GrHixcgTslai_6HA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/RtcTrajavPd2gcDKQtmWnkR8jqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.40.0/24
91.209.48.0/24
91.209.50.0/24
IPv6:
2a0f:5fc0:dead::/48
Signature Algorithm: sha256WithRSAEncryption
57:69:e6:41:42:7f:da:92:93:d9:e4:3b:c2:20:72:02:f3:4a:
14:e5:ed:fb:fe:16:06:81:7a:3d:d1:52:21:38:c5:cd:eb:d9:
23:b9:51:a6:27:53:b5:0c:ba:ba:14:52:50:2a:a3:a9:a0:a1:
2d:34:f5:22:1f:44:26:95:d7:2b:a6:6c:02:6e:83:8d:25:6d:
92:d1:4a:a0:51:3e:e6:0c:41:44:7d:ec:15:17:fd:2c:4c:f8:
08:22:0e:e3:1c:42:24:b7:19:ce:b0:72:0b:6d:01:4d:ae:84:
bc:fd:46:e2:78:de:14:e9:f2:a2:31:f1:6a:2d:de:3f:15:7a:
3c:c0:e8:65:4f:b9:48:a6:60:95:d1:7c:d8:4f:3c:2a:71:7d:
82:ab:1d:d7:e4:fc:c0:2a:f0:09:63:16:d0:9e:c2:0a:e5:ee:
7d:e1:64:2c:82:a6:c3:b3:37:7e:62:25:5b:b2:70:8c:b4:c6:
57:74:b2:e7:30:6c:cc:92:71:ef:c1:e1:38:c0:68:57:b7:00:
f2:c2:7f:71:c9:b6:dc:51:1b:35:82:1e:47:e8:95:1a:7a:4e:
5e:e2:09:b9:f7:7f:32:82:89:61:63:4c:2d:e7:a7:00:5a:dd:
fc:ce:9e:73:a5:e1:43:f2:d9:6f:26:bd:1d:d3:9a:ee:bd:8e:
aa:29:8d:c7
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzIATwF4uY910lngJB3Ub1FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZDcxM2FkYThkYWJjZjc3NjgxYzBjYTQyZDk5NjllNDQ3
YzhlYTcwHhcNMjQwMTAyMDIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmM5OTFlZjFmYzRhYTVkNDZhYzc4YjE3MjA0ZWM5NWE4YmZlODcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMFm3+pH6Jo7u3qbxJN2zooZPY5F
HACTBBCpfahR9MdCsAnTO4mxsVtmmlTiiKlxHUvGBsKpRhV2bljMClkUimApKOxP
6yIfjVzQvMeoxno/VbmPh9Z5MuT18oW+OAgI1g8aoXu6pNW5LlD10rZkOMvudmv2
AQBXjILVMjOhZ0QAe3y4fsb+C7V2uzORM/kP4TiG1YB+67Wim5t/HDy++z5lt5/V
3XdjGpe0A8KLIqHltZnP7Lz6w/5p1Ql0ALl9PopMZUDjk+bSGcaFWJIEWXMCZUQD
FWXVSk6GCCyDzSDz0JK6Nli972np4OEYox54PRgMmdyiH0WLyifXCci7GQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFH/Jke8fxKpdRqx4sXIE7JWov+hwMB8GA1UdIwQY
MBaAFEbXE62o2rz3doHAykLZlp5EfI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnRjVHJhamF2UGQyZ2NES1F0bVdua1I4anFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS84OWYwZjYtYTVhYy00NjdiLWE0YWQt
YmUyMThjZWY0YTExLzEvZjhtUjd4X0VxbDFHckhpeGNnVHNsYWlfNkhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS84OWYwZjYtYTVhYy00NjdiLWE0YWQtYmUyMThjZWY0YTEx
LzEvUnRjVHJhamF2UGQyZ2NES1F0bVdua1I4anFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAW9EoAwQA
W9EwAwQAW9EyMA8EAgACMAkDBwAqD1/A3q0wDQYJKoZIhvcNAQELBQADggEBAFdp
5kFCf9qSk9nkO8IgcgLzShTl7fv+FgaBej3RUiE4xc3r2SO5UaYnU7UMuroUUlAq
o6mgoS009SIfRCaV1yumbAJug40lbZLRSqBRPuYMQUR97BUX/SxM+AgiDuMcQiS3
Gc6wcgttAU2uhLz9RuJ43hTp8qIx8Wot3j8VejzA6GVPuUimYJXRfNhPPCpxfYKr
Hdfk/MAq8AljFtCewgrl7n3hZCyCpsOzN35iJVuycIy0xld0sucwbMySce/B4TjA
aFe3APLCf3HJttxRGzWCHkfolRp6Tl7iCbn3fzKCiWFjTC3npwBa3fzOnnOl4UPy
2W8mvR3Tmu69jqopjcc=
-----END CERTIFICATE-----
Generated at Mon Jun 17 14:45:55 2024 by rpki-client on console-fra.rpki-client.org